Date
July 22, 2025, 5:13 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 29.903927] ================================================================== [ 29.904258] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660 [ 29.905110] Write of size 1 at addr fff00000c3f71873 by task kunit_try_catch/167 [ 29.905224] [ 29.906013] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 29.906167] Tainted: [N]=TEST [ 29.906200] Hardware name: linux,dummy-virt (DT) [ 29.906417] Call trace: [ 29.906589] show_stack+0x20/0x38 (C) [ 29.906723] dump_stack_lvl+0x8c/0xd0 [ 29.906775] print_report+0x118/0x5e8 [ 29.906846] kasan_report+0xdc/0x128 [ 29.906894] __asan_report_store1_noabort+0x20/0x30 [ 29.906944] kmalloc_oob_right+0x5a4/0x660 [ 29.906992] kunit_try_run_case+0x170/0x3f0 [ 29.907042] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.907094] kthread+0x328/0x630 [ 29.907140] ret_from_fork+0x10/0x20 [ 29.907295] [ 29.907336] Allocated by task 167: [ 29.907449] kasan_save_stack+0x3c/0x68 [ 29.907513] kasan_save_track+0x20/0x40 [ 29.907548] kasan_save_alloc_info+0x40/0x58 [ 29.907585] __kasan_kmalloc+0xd4/0xd8 [ 29.907622] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.907669] kmalloc_oob_right+0xb0/0x660 [ 29.907707] kunit_try_run_case+0x170/0x3f0 [ 29.907743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.907784] kthread+0x328/0x630 [ 29.907828] ret_from_fork+0x10/0x20 [ 29.907882] [ 29.907942] The buggy address belongs to the object at fff00000c3f71800 [ 29.907942] which belongs to the cache kmalloc-128 of size 128 [ 29.908033] The buggy address is located 0 bytes to the right of [ 29.908033] allocated 115-byte region [fff00000c3f71800, fff00000c3f71873) [ 29.908097] [ 29.908175] The buggy address belongs to the physical page: [ 29.908577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f71 [ 29.908837] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.909161] page_type: f5(slab) [ 29.909451] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122 [ 29.909510] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.909608] page dumped because: kasan: bad access detected [ 29.909646] [ 29.909671] Memory state around the buggy address: [ 29.909908] fff00000c3f71700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.909975] fff00000c3f71780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.910027] >fff00000c3f71800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.910079] ^ [ 29.910164] fff00000c3f71880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.910205] fff00000c3f71900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.910266] ================================================================== [ 29.915660] ================================================================== [ 29.915707] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660 [ 29.915755] Read of size 1 at addr fff00000c3f71880 by task kunit_try_catch/167 [ 29.915801] [ 29.915846] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 29.916340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.916423] Hardware name: linux,dummy-virt (DT) [ 29.916720] Call trace: [ 29.916754] show_stack+0x20/0x38 (C) [ 29.917080] dump_stack_lvl+0x8c/0xd0 [ 29.917627] print_report+0x118/0x5e8 [ 29.917887] kasan_report+0xdc/0x128 [ 29.918333] __asan_report_load1_noabort+0x20/0x30 [ 29.918409] kmalloc_oob_right+0x5d0/0x660 [ 29.918777] kunit_try_run_case+0x170/0x3f0 [ 29.919159] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.919369] kthread+0x328/0x630 [ 29.919484] ret_from_fork+0x10/0x20 [ 29.919894] [ 29.919998] Allocated by task 167: [ 29.920057] kasan_save_stack+0x3c/0x68 [ 29.920244] kasan_save_track+0x20/0x40 [ 29.920445] kasan_save_alloc_info+0x40/0x58 [ 29.920516] __kasan_kmalloc+0xd4/0xd8 [ 29.920709] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.920947] kmalloc_oob_right+0xb0/0x660 [ 29.921067] kunit_try_run_case+0x170/0x3f0 [ 29.921156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.921282] kthread+0x328/0x630 [ 29.921338] ret_from_fork+0x10/0x20 [ 29.921373] [ 29.921393] The buggy address belongs to the object at fff00000c3f71800 [ 29.921393] which belongs to the cache kmalloc-128 of size 128 [ 29.921458] The buggy address is located 13 bytes to the right of [ 29.921458] allocated 115-byte region [fff00000c3f71800, fff00000c3f71873) [ 29.921864] [ 29.921889] The buggy address belongs to the physical page: [ 29.921925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f71 [ 29.922203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.922391] page_type: f5(slab) [ 29.922602] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122 [ 29.923016] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.923408] page dumped because: kasan: bad access detected [ 29.923536] [ 29.923828] Memory state around the buggy address: [ 29.923899] fff00000c3f71780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.924062] fff00000c3f71800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.924362] >fff00000c3f71880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.924409] ^ [ 29.924438] fff00000c3f71900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.924479] fff00000c3f71980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.924591] ================================================================== [ 29.911029] ================================================================== [ 29.911067] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660 [ 29.911216] Write of size 1 at addr fff00000c3f71878 by task kunit_try_catch/167 [ 29.911265] [ 29.911331] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT [ 29.911413] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.911504] Hardware name: linux,dummy-virt (DT) [ 29.911533] Call trace: [ 29.911555] show_stack+0x20/0x38 (C) [ 29.911603] dump_stack_lvl+0x8c/0xd0 [ 29.911649] print_report+0x118/0x5e8 [ 29.911693] kasan_report+0xdc/0x128 [ 29.911736] __asan_report_store1_noabort+0x20/0x30 [ 29.911784] kmalloc_oob_right+0x538/0x660 [ 29.912059] kunit_try_run_case+0x170/0x3f0 [ 29.912127] kunit_gen [ 29.912127] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.912272] kthread+0x328/0x630 [ 29.912316] ret_from_fork+0x10/0x20 [ 29.912801] [ 29.912905] Allocated by task 167: [ 29.912984] kasan_save_stack+0x3c/0x68 [ 29.913056] kasan_save_track+0x20/0x40 [ 29.913175] kasan_save_alloc_info+0x40/0x58 [ 29.913259] __kasan_kmalloc+0xd4/0xd8 [ 29.913292] __kmalloc_cache_noprof+0x16c/0x3c0 [ 29.913331] kmalloc_oob_right+0xb0/0x660 [ 29.913369] kunit_try_run_case+0x170/0x3f0 [ 29.913405] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 29.913446] kthread+0x328/0x630 [ 29.913478] ret_from_fork+0x10/0x20 [ 29.913513] [ 29.913531] The buggy address belongs to the object at fff00000c3f71800 [ 29.913531] which belongs to the cache kmalloc-128 of size 128 [ 29.913586] The buggy address is located 5 bytes to the right of [ 29.913586] allocated 115-byte region [fff00000c3f71800, fff00000c3f71873) [ 29.913646] [ 29.913917] The buggy address belongs to the physical page: [ 29.914302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f71 [ 29.914500] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 29.914610] page_type: f5(slab) [ 29.914658] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000100 dead000000000122 [ 29.914706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 29.914744] page dumped because: kasan: bad access detected [ 29.914773] [ 29.914790] Memory state around the buggy address: [ 29.914831] fff00000c3f71700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 29.914873] fff00000c3f71780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.914923] >fff00000c3f71800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 29.914960] ^ [ 29.915068] fff00000c3f71880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.915110] fff00000c3f71900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.915145] ==================================================================
[ 24.418115] ================================================================== [ 24.418762] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 24.419069] Write of size 1 at addr ffff8881058adf78 by task kunit_try_catch/184 [ 24.419744] [ 24.419848] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 24.419896] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.419909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.419929] Call Trace: [ 24.419943] <TASK> [ 24.419989] dump_stack_lvl+0x73/0xb0 [ 24.420045] print_report+0xd1/0x640 [ 24.420068] ? __virt_addr_valid+0x1db/0x2d0 [ 24.420092] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.420137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.420197] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.420220] kasan_report+0x141/0x180 [ 24.420242] ? kmalloc_oob_right+0x6bd/0x7f0 [ 24.420268] __asan_report_store1_noabort+0x1b/0x30 [ 24.420292] kmalloc_oob_right+0x6bd/0x7f0 [ 24.420314] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.420337] ? __schedule+0x10da/0x2b60 [ 24.420363] ? __pfx_read_tsc+0x10/0x10 [ 24.420385] ? ktime_get_ts64+0x86/0x230 [ 24.420409] kunit_try_run_case+0x1a5/0x480 [ 24.420433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.420456] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.420480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.420505] ? __kthread_parkme+0x82/0x180 [ 24.420525] ? preempt_count_sub+0x50/0x80 [ 24.420549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.420574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.420597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.420621] kthread+0x337/0x6f0 [ 24.420641] ? trace_preempt_on+0x20/0xc0 [ 24.420664] ? __pfx_kthread+0x10/0x10 [ 24.420684] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.420708] ? calculate_sigpending+0x7b/0xa0 [ 24.420731] ? __pfx_kthread+0x10/0x10 [ 24.420753] ret_from_fork+0x116/0x1d0 [ 24.420772] ? __pfx_kthread+0x10/0x10 [ 24.420793] ret_from_fork_asm+0x1a/0x30 [ 24.420823] </TASK> [ 24.420845] [ 24.430101] Allocated by task 184: [ 24.430398] kasan_save_stack+0x45/0x70 [ 24.430600] kasan_save_track+0x18/0x40 [ 24.430765] kasan_save_alloc_info+0x3b/0x50 [ 24.430955] __kasan_kmalloc+0xb7/0xc0 [ 24.431114] __kmalloc_cache_noprof+0x189/0x420 [ 24.431805] kmalloc_oob_right+0xa9/0x7f0 [ 24.432081] kunit_try_run_case+0x1a5/0x480 [ 24.432504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.432935] kthread+0x337/0x6f0 [ 24.433274] ret_from_fork+0x116/0x1d0 [ 24.433692] ret_from_fork_asm+0x1a/0x30 [ 24.433900] [ 24.433988] The buggy address belongs to the object at ffff8881058adf00 [ 24.433988] which belongs to the cache kmalloc-128 of size 128 [ 24.435061] The buggy address is located 5 bytes to the right of [ 24.435061] allocated 115-byte region [ffff8881058adf00, ffff8881058adf73) [ 24.436155] [ 24.436396] The buggy address belongs to the physical page: [ 24.436753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 24.437511] flags: 0x200000000000000(node=0|zone=2) [ 24.437807] page_type: f5(slab) [ 24.438088] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.438991] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.439494] page dumped because: kasan: bad access detected [ 24.439919] [ 24.440016] Memory state around the buggy address: [ 24.440475] ffff8881058ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.440776] ffff8881058ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.441067] >ffff8881058adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.441941] ^ [ 24.442446] ffff8881058adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.442941] ffff8881058ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.443467] ================================================================== [ 24.444435] ================================================================== [ 24.444748] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 24.445042] Read of size 1 at addr ffff8881058adf80 by task kunit_try_catch/184 [ 24.446012] [ 24.446243] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 24.446297] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.446310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.446331] Call Trace: [ 24.446347] <TASK> [ 24.446362] dump_stack_lvl+0x73/0xb0 [ 24.446429] print_report+0xd1/0x640 [ 24.446455] ? __virt_addr_valid+0x1db/0x2d0 [ 24.446478] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.446499] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.446525] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.446547] kasan_report+0x141/0x180 [ 24.446569] ? kmalloc_oob_right+0x68a/0x7f0 [ 24.446596] __asan_report_load1_noabort+0x18/0x20 [ 24.446620] kmalloc_oob_right+0x68a/0x7f0 [ 24.446642] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.446665] ? __schedule+0x10da/0x2b60 [ 24.446693] ? __pfx_read_tsc+0x10/0x10 [ 24.446715] ? ktime_get_ts64+0x86/0x230 [ 24.446738] kunit_try_run_case+0x1a5/0x480 [ 24.446763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.446785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.446810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.446846] ? __kthread_parkme+0x82/0x180 [ 24.446866] ? preempt_count_sub+0x50/0x80 [ 24.446889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.446913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.446937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.446961] kthread+0x337/0x6f0 [ 24.446981] ? trace_preempt_on+0x20/0xc0 [ 24.447004] ? __pfx_kthread+0x10/0x10 [ 24.447025] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.447048] ? calculate_sigpending+0x7b/0xa0 [ 24.447071] ? __pfx_kthread+0x10/0x10 [ 24.447092] ret_from_fork+0x116/0x1d0 [ 24.447112] ? __pfx_kthread+0x10/0x10 [ 24.447132] ret_from_fork_asm+0x1a/0x30 [ 24.447162] </TASK> [ 24.447174] [ 24.454972] Allocated by task 184: [ 24.455157] kasan_save_stack+0x45/0x70 [ 24.455356] kasan_save_track+0x18/0x40 [ 24.455503] kasan_save_alloc_info+0x3b/0x50 [ 24.455653] __kasan_kmalloc+0xb7/0xc0 [ 24.455785] __kmalloc_cache_noprof+0x189/0x420 [ 24.456024] kmalloc_oob_right+0xa9/0x7f0 [ 24.456221] kunit_try_run_case+0x1a5/0x480 [ 24.456435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.456684] kthread+0x337/0x6f0 [ 24.456823] ret_from_fork+0x116/0x1d0 [ 24.456997] ret_from_fork_asm+0x1a/0x30 [ 24.457136] [ 24.457206] The buggy address belongs to the object at ffff8881058adf00 [ 24.457206] which belongs to the cache kmalloc-128 of size 128 [ 24.457679] The buggy address is located 13 bytes to the right of [ 24.457679] allocated 115-byte region [ffff8881058adf00, ffff8881058adf73) [ 24.458542] [ 24.458616] The buggy address belongs to the physical page: [ 24.458789] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 24.459346] flags: 0x200000000000000(node=0|zone=2) [ 24.459570] page_type: f5(slab) [ 24.459711] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.460041] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.460383] page dumped because: kasan: bad access detected [ 24.460593] [ 24.460684] Memory state around the buggy address: [ 24.460897] ffff8881058ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.461205] ffff8881058adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.461474] >ffff8881058adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.461748] ^ [ 24.461900] ffff8881058ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.462157] ffff8881058ae080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.462448] ================================================================== [ 24.394402] ================================================================== [ 24.395015] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 24.395818] Write of size 1 at addr ffff8881058adf73 by task kunit_try_catch/184 [ 24.396251] [ 24.397192] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 24.397533] Tainted: [N]=TEST [ 24.397566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.397801] Call Trace: [ 24.397882] <TASK> [ 24.398024] dump_stack_lvl+0x73/0xb0 [ 24.398112] print_report+0xd1/0x640 [ 24.398141] ? __virt_addr_valid+0x1db/0x2d0 [ 24.398178] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.398200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.398226] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.398248] kasan_report+0x141/0x180 [ 24.398271] ? kmalloc_oob_right+0x6f0/0x7f0 [ 24.398297] __asan_report_store1_noabort+0x1b/0x30 [ 24.398321] kmalloc_oob_right+0x6f0/0x7f0 [ 24.398344] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 24.398367] ? __schedule+0x10da/0x2b60 [ 24.398394] ? __pfx_read_tsc+0x10/0x10 [ 24.398417] ? ktime_get_ts64+0x86/0x230 [ 24.398445] kunit_try_run_case+0x1a5/0x480 [ 24.398472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.398495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.398520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.398545] ? __kthread_parkme+0x82/0x180 [ 24.398567] ? preempt_count_sub+0x50/0x80 [ 24.398591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.398616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.398640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.398663] kthread+0x337/0x6f0 [ 24.398683] ? trace_preempt_on+0x20/0xc0 [ 24.398708] ? __pfx_kthread+0x10/0x10 [ 24.398729] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.398752] ? calculate_sigpending+0x7b/0xa0 [ 24.398777] ? __pfx_kthread+0x10/0x10 [ 24.398799] ret_from_fork+0x116/0x1d0 [ 24.398820] ? __pfx_kthread+0x10/0x10 [ 24.398853] ret_from_fork_asm+0x1a/0x30 [ 24.398908] </TASK> [ 24.398972] [ 24.405812] Allocated by task 184: [ 24.406163] kasan_save_stack+0x45/0x70 [ 24.406444] kasan_save_track+0x18/0x40 [ 24.406641] kasan_save_alloc_info+0x3b/0x50 [ 24.406866] __kasan_kmalloc+0xb7/0xc0 [ 24.407076] __kmalloc_cache_noprof+0x189/0x420 [ 24.407286] kmalloc_oob_right+0xa9/0x7f0 [ 24.407431] kunit_try_run_case+0x1a5/0x480 [ 24.407635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.407923] kthread+0x337/0x6f0 [ 24.408089] ret_from_fork+0x116/0x1d0 [ 24.408287] ret_from_fork_asm+0x1a/0x30 [ 24.408483] [ 24.408602] The buggy address belongs to the object at ffff8881058adf00 [ 24.408602] which belongs to the cache kmalloc-128 of size 128 [ 24.409443] The buggy address is located 0 bytes to the right of [ 24.409443] allocated 115-byte region [ffff8881058adf00, ffff8881058adf73) [ 24.409881] [ 24.410032] The buggy address belongs to the physical page: [ 24.410885] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058ad [ 24.411444] flags: 0x200000000000000(node=0|zone=2) [ 24.412057] page_type: f5(slab) [ 24.412694] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.413048] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.413476] page dumped because: kasan: bad access detected [ 24.413720] [ 24.413826] Memory state around the buggy address: [ 24.414365] ffff8881058ade00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.414731] ffff8881058ade80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.415132] >ffff8881058adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 24.415512] ^ [ 24.415881] ffff8881058adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.416247] ffff8881058ae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.416570] ==================================================================